BSDSUCCESS STORIES

11 Success stories with BSD

Adventures in BSD

How BSD Keeps Me Sane

FreeBSD at Shannon Medical Center

BSD in a Panic

You Haven’t Had E-mail Since When? FreeBSD saves a dot-org, and maybe me, too!

A FreeBSD Success Story (and DragonflyBSD too)

BSD In a Office

Museum Guardian

OpenBSD Saves the Day

A FreeBSD Implementation

Open Source Software in Co-operation Ireland Introduction

The BSDs have earned a reputation for stability, security, and performance. That's no accident. Their Unix heritage provides the power. Careful attention to detail and correctness on the part of their developers provides the finesse. This has produced highly-reliable systems that are easy to administer, flexible to any task, and compatible with tens of thousands of pieces of open source software. No wonder BSD is a popular choice with ISPs and the basis for Apple's Darwin! The BSDs are also proving themselves popular with both sysadmins and users looking for alternatives to expensive, proprietary, and inflexible operating systems. This collection of BSD Success Stories—written by ordinary users-- shows just a few of the many ways in which the BSDs solve real problems all day, every day. Adventures in BSD by Michael Josefsson

I am sometimes asked “Why do you use old LAN software to run under Windows. FreeBSD?” My usual ‘auto-response’ is I don’t remember why, perhaps I was a “Because it is the best!” While I truly think victim of my own ignorance. After reading it is the best, this reply does not really the Windows docs I managed to set up a answer the question. I hope this article common workgroup for the two labs. With will better explain my feelings. a 486/66 Windows box working as a file Way back in 1994 I became the manager of server we again had a fully functioning a hardware laboratory at my old University. lab.or so we thought! I was to manage the labs in all aspects, from I found that it was possible to access the computers down to data sheets, pliers, and server’s shared area and was quite pleased students. With over 300 students attending with my doings. I compiled some typical each year, this was a very time-consuming code from a client machine and everything task. Of the three labs, only two had ran as expected. I did not test network computers and networks in them. In the performance under a higher load. The third lab, 16 serial lines were connected idea never crossed my mind. through a Xyplex terminal server to a During one compilation, several large, computer of unknown pedigree. (It later multi-megabyte files were created in the turned out to be a Sun 3.) I had been into project’s home directory. This was in itself computers since the early 80s and PCs since not a problem as the network’s bandwidth 1989, but I had never touched a network was not saturated. However, all this data of any kind. moving in and out of the server turned out The two labs were connected by a Lantastic to be detrimental to its health. With 10-15 LAN. Only one area of the server’s disk was clients chewing away, the load on the server shared and every student stored his own increased. After a period of time ranging home-directory on it. As long as everything from a few minutes to several hours, the worked fine, and it generally did, I had server would unexpectedly crash. A reboot better things to do than trying to under- got everything working again. All source stand what this network setup was all files had been auto-saved before entering the about. The odd downtime was mostly due compilation stage so it was easy to start over to students tampering with the RG-58 coax and hope for more success the second time. that ran from one machine to another Still, the situation was less than satisfactory. continuing on into the next lab. Problems At this point, OS/2 entered the story. In were easy to locate. I knew the coax had the outside world, was being to be terminated with a 50-ohm BNC deployed. I got my hands on an old OS/2 terminator and moving this terminator 2.1 demo CD. After several problems I got to strategic places along the cable always it up and running. I thought it was cool led me to the culprit. and ordered my own OS/2 Warp soon after. Then there was a software upgrade. The Warp was my favourite desktop for years labs had been running MS-DOS with a to come. I really liked the smooth user DOS-based compiler for many years. The interface and enjoyed the increased stability new version of the compiler required MS compared to the Windows version I had Windows. (At the time this meant Windows used earlier. A co-worker with a similar for Workgroups 3.11.) I could not get the interest in computers used Windows 95

2 and had to re-install every three to four FreeBSD. In the beginning of August, when months. The system would somehow clog I had to wire-up the lab’s new infrastructure, itself up beyond recognition. My OS/2 I made FreeBSD run the lab for me. That machine ran happily all the time. Great! turned out to be a wise move; not one Except for the RSA DES Challenge. Being spontaneous reboot occurred during the outside of the United States I took an years to come. interest in the Swedish-run SolNet DES- With a busy lab, reliability is of major impor- attack. With SolNet’s limited resources tance. The logs show students accessing the there was quite some time before an OS/2 server around the clock. FreeBSD really is executable was published. The situation reliable; the server’s longest uptime to date annoyed me. is 220 days. So what to do? I was unwilling to give-up By now, things were moving fast. The third OS/2 and surrender to Windows 95. I had lab was also computerized. (The introduction started to experiment with , a Unix- of Microchip’s PIC line of processors neces- like system but felt very little enthusiasm for sitated this.) I added a couple of hubs and it. Because of an earlier experience with HP- the labs were interconnected. The next UX, I was under the impression that Unix summer I set up a local name server and only represented an extremely complicated a private domain on a FreeBSD box with way of doing things, and therefore, Unix two NICs—one for the internal net and one was ruled out. for external access. There was no forwarding At this time, there were executables for between the two interfaces. This setup FreeBSD available. Not knowing much allowed me, as admin, to download about FreeBSD, I made an FTP install software which I then installed on the of 2.1.7-STABLE. The DES-client ran as clients. Each project team in the lab had expected. I figured out nice commands; its own home, with permissions fixed so kill -STOP, kill -CONT and that putting they could not peek at each other’s work. an ampersand (&) after the command line They could also edit files at home and ran a job in the background. Cool! I could upload via FTP. I added the system user manage every aspect of the program. A taste as a way to keep a central repository of of a new world! This was very enticing. programs and files that every client would My success was short-lived. There was need—Adobe Acrobat for Windows for example, soon a new DES client requiring newer libs, printer drivers, upgrades and other stuff. which forced me to install 2.2.2. This time Until now all data sheets had been in a I ordered the 2 disc FreeBSD set from folder in my room. The projects’ supervisors Walnut Creek sometime around June 1997. had access to the folder and make copies Before the summer I had plans to replace which they handed out to the project teams. the lab server with OS/2, but during the There were 95 steps to the photo copier, summer, I experimented with FreeBSD and with 95 steps back from it, handling and learned about TCP/IP, Samba, FTP the data sheets became more and more and Unix. cumbersome as a variety of components The client machines in the lab were using were added. What to do? Install Apache! Windows 95 and since we had to get rid Putting the data sheets on the server in of Windows for Workgroups anyway, I PDF-format has eliminated the actual paper installed FreeBSD on each and every handling. This was a truly brilliant move machine. I made further experiments with that I wish I had thought of earlier. Now the r*-services (rsh, rcp, ruptime, etc.) each project group could peruse the among other things. All in all, the experi- available components’ data sheets, both from ments made me confident with managing home and when in the lab before committing

3 Adventures in BSD, continued

the device into their project. Some students with vinum(8). Thus the entire /usr is printed out data sheets of course, but I see a safeguarded from disk failure. To ease new trend of more and more students reading the installations and administration, each client specs directly off the screen. has a P:\ (P for program) directory with all There is a lot of activity in the labs. With non-standard Windows 95 software. It is up to 75 students there at the same time, now sufficient to install new software on not all of them can be busy with their only one client; it will become available to assignment; installing MP3s on the clients the other clients at the next log-in. Every has become a popular pastime. It is quite home share is attached as Q:\ on the client. possible that the especially zealous students To this end, Samba is configured as an NT fiddle around with the system settings of domain controller. Log-in scripts handle the Windows 95 and cause damage! To simplify actual attachment of the devices at log-in the Windows re-installation, we have made a time. On the FreeBSD side I use NFS and complete 2 gigabyte image of the Windows amd(8) to automount the user’s home partition which easily can be downloaded directories upon log-in. and written onto the machines. While this I have unfortunately left OS/2. I really liked may sound rather brutal, it works well in the Workplace , but the functionality practice. In fact, every machine in the lab built into even a basic FreeBSD system makes was born this way. me more productive. I have now been using Needless to say, the client machines dual- FreeBSD exclusively for over two years for boot between Windows 95 and FreeBSD. all my desktop needs. My experience is best It is a particular pleasure to find the summarized by something I saw someone students shutting down Windows and post to one of the FreeBSD mailing lists: rebooting into FreeBSD because they feel “I’m home.” more at home with it. Michael Josefsson is a research engineer at Earlier I mentioned we had a Sun 3 box. Linköping University, Linköping, Sweden. That particular machine has gone to the Originally published as Daemon News: scrap heap and the FreeBSD server has Adventures in BSD replaced it. Using the ports, I installed the www.daemonnews.org/200107/adventure.html m68k-coff cross-compiler and spent some time rebuilding the libs needed for our particular hardware. We were able to get rid of gcc-1.40 and now use gcc-2.8.1 for our in house built 68008 computer card. Some small bits and pieces complete the picture. The server has been endowed with a Tandberg SLR-5 tape backup. Once a week I do a level 0 dump and every night a cron job initiates a level 1 incremental backup. The machines’ disks are mirrored

4 How BSD Keeps Me Sane by Isaac Levy

I am a web application developer, and work specific problems. The consistency is so with Zope and ZEO clustering, as well as well executed in the BSDs, it’s completely web application performance tuning and transparent and therefore easily forgotten. clustering. I have chosen to work with the To make things worse, three weeks after BSDs for years for several reasons. the project ended, the boxes were cracked When working as a young *NIX admin for due to a mail related configuration error, my first Open Source based company, I had exploiting a hole that the GUI mail adminis- to perform install-monkey tasks for Red Hat tration tools could not close. The system systems. The process was excruciating, as it was now a and IRC server. My client started with the installer (simple enough). I decided to switch to Red Hat in light of the spent the next three hours removing and compromise and set up two new Red Hat disabling all of the games and miscellaneous boxes. With a new set of what I felt to be daemons running on the system. un-unix like configurations and conventions After my first FreeBSD minimal install five and lackluster documentation natively years ago, I ran top and expected to learn available, I hacked my way through a whole new set of things I had to turn off rebuilding the web-applications—nearly when, to my surprise, top didn’t even fill from scratch—forcing a completely different an 80x24 terminal! I then proceeded to find configuration in the end. The changes and out that man pages were actually cherished the costs incurred by the client made them and stellar on the BSDs, and have success- choose not to pay me to document the new fully used the BSDs as the core of every system and changes properly. (I couldn’t project since. bear that idea and provided basic configu- Recently, I worked on a Zope project on ration and system notes.) This refreshed another sysadmin’s network, then running my deep appreciation for the BSDs. For Mandrake. I had never worked on Mandrake the bulk of my projects, I hardly think before, and was immediately totally lost in about the BSDs because things that truly reverse-engineer and second-guess someone work transparently support everything. else’s brain to run our web apps and Object Isaac Levy is an independent web appli- DB, which was extremely costly, as the servers cation developer and consultant in New needed to run in a fairly advanced cluster York City, with a focus on Open Source setup. I lost hours on the project, and in the solutions and development. Isaac has end, lost sleep making the system run in a worked in Open Source web hosting, in manner I found comfortable. With that, Zope development, and with BSD Unix all of the applications I’m used to compiling for years in various forms. He aims to bring myself, or installing via ports, were all part experience in large enterprise software appli- of the base install—and with configurations cations to small and medium businesses. completely customized to someone else’s needs and massively undocumented! I suddenly deeply began to appreciate something in the BSDs which I have always taken for granted, uniform adherence to standards and well-documented working processes which free me to solve very

6 FreeBSD at Shannon Medical Center by Andrew Gould

Shannon Medical Center is a not-for-profit unsupported by the commercial DSS. The trauma center in West Texas that acts as the database is used primarily for financial, safety-net hospital for the surrounding area. clinical and market share analysis. Some of As the health care industry is under pressure the results of this implementation include: from increased costs of providing health care, • Hospital management receives infor- coupled with reductions in reimbursements mation that was previously unavailable. for providing that care, the importance of • Increased efficiency—highly focused, providing timely information to hospital clinical data analysis reduces the number management has never been higher. of medical charts to be reviewed manually. Shannon Medical Center uses a Decision • Unplanned downtime since/including Support System (DSS) from a commercial installation = 0. vendor. In 2000, a supplemental decision • License fees since/including support database was built using FreeBSD installation = $0. and PostgreSQL. This system integrates key data from the commercial DSS, other • Support expenses since/including sources of internal data that cannot be installation = $0. imported into the commercial DSS, and The flexibility and low cost of this project external data for benchmarking purposes. reduce our dependency upon vendors and Analysts access the data using preexisting free us from many budgetary constraints. database clients via ODBC, eliminating the We can adapt the system whenever we need for additional training. The initial want, however we want, to meet our system was built on an existing desktop changing needs. computer for proof-of-concept. Due to the Andrew Gould, CPA, performs financial project’s success, the system’s hardware was and clinical data analysis for Shannon upgraded to a database server in 2001. Medical Center. His primary tool for data In the words of Andrew Gould, Manager, integration is a PostgreSQL database server Clinical Decision Support: running on FreeBSD. Andrew has been The FreeBSD/PostgreSQL combination is using FreeBSD at both work and home for extremely flexible and robust. FreeBSD four years. Andrew has a BS in Education provides a stable and efficient environment and a BBA in Accounting from the for the database server. The relational data University of Texas at Austin. model facilitates flexible analysis that is

7 BSD in a Panic by Michael Lucas

My employer’s main business is designing I handed the problem to a minion and said Web applications, but once those applica- “Here, do something about this.” I knew tions are built our clients turn around and bandwidth could be managed at many ask “Where should we host this?” That’s points: the Web servers themselves, the where I come in, building and running a load balancer in front of them, the small but professional-grade data center commercial firewall, or even the router. for custom applications. Tuesday after the visitation I found my As with any new business, our hosting cellphone full of messages. operation had to make the most of the Information Server can manage bandwidth resources we had. Our resources were — in eight megabyte increments and only strictly limited to cast-off hardware from if the content is static HTML and JPEG files. the web developers and free software. With several Web servers behind the load The only major expense was a big-name balancer, that fell somewhere between commercial firewall, purchased for useless and laughable. The load balancer marketing reasons rather than technical did support traffic shaping, if we bought ones. With FreeBSD and a whole mess of the new feature set. If we plopped down open-source software, we built a reliable a credit card number, we could have it network management system that provides installed by next Sunday. Our big-name the clients with a great deal of insight into commercial firewall also had traffic shaping their equipment. The clients, of course, pay features available, if we upgraded our for their own hardware and so have fancy service level and paid an additional (and high-end rackmount servers with their quite hefty) fee for the feature set. That left chosen applications, platforms, and the router, which I had previously investi- operating systems. We’ve since upgraded gated and found would support traffic the hardware — warranties are nice, after shaping with only a flash upgrade. all! — but have seen no need to change I was on the phone until midnight Tuesday the software. night, making arrangements to do an One day, a customer that had expected to emergency OS upgrade on the router on use very little bandwidth found that they Wednesday night. I had planned to go to had enough requests coming in to use the funeral in the morning, give the eulogy, close to twice the bandwidth we had for go home and take a nap, and arrive at work the entire datacenter. This affected every at midnight ready to rock. The funeral customer, slowing the entire hosting turned out to be more dramatic than I environment to speeds comparable to a had expected and I showed up at work at snail in molasses. If your $9.95/month midnight sleepless, bleary-eyed, and upright web page is slow you have little to complain only courtesy of the twin blessings of about, but if your $50,000/month Web caffeine and adrenaline. In my email, I application is slow you pick up the phone found a note that several big clients had and scream until it stops. threatened to leave unless the problem To make matters worse, my grandmother had were resolved Thursday morning. If I hadn’t died only a couple days before. Visitation already been stressed out, the prospect was on Tuesday, and the funeral was of choosing a friend to lay off would Wednesday morning. Monday morning have done the trick.

8 BSD in a Panic, continued

Still, only a simple router flash upgrade and few required installation commands and some basic configuration stood between me dismantling every unused machine unlucky and relief. What could possibly go wrong? enough to be in reach to find two decent The upgrade went smoothly, but the router network cards. By 6:33 AM I had two Intel behaved oddly when I enabled traffic EtherExpress cards in my hands and a new shaping. Over the next few hours, I OpenBSD 3.5-snapshot system. I logged in discovered that the router didn’t have long enough to shut the system down so I enough memory to simultaneously support could wrench the case off, slam the cards all of our BGP feeds and the traffic shaping into place, and boot again. OpenBSD’s built- functionality. Worse, this router wouldn’t in PF packet filter includes all sorts of nifty accept more memory. At about six in the filtering abilities, all of which I ignored in morning, I got an admission from the favor of the traffic-shaping functions. By router vendor that they could not help me. 6:37 AM I was wheeling a cart with a I hung up the phone. The first client monitor, keyboard, and my new traffic who had threatened departure would be shaper over to the rack. checking in at seven thirty AM. I had slept Here, the killer problems manifested. I four hours of the last forty-eight, and had didn’t have a spare switch that could handle spent most of that time under a fiendish our Internet bandwidth. The router rack level of emotional stress. I had already was jammed full, leaving me no place to emptied my stash of quarters for the soda put the new shaper. I lost almost half an machine, and had been forced to pillage a hour finding a crossover cable, and when co-worker’s desk for his. The caffeine and I discovered one it was only two feet long. adrenaline that had gotten me to the office The router, of course, was at the top of the had long since worn off, and further doses rack. Fortunately, if I put the desktop PC of each merely slowed my collapse. We on end and left it sitting on the cart, the had support contracts on every piece of cable just reached the router. I discovered equipment and they were all useless. All this about 7:10 AM. I stacked everything the hours of work I had put in, and my so it would reach and began re-wiring the team before me, left me with a sum total network and reconfiguring subnets. of absolutely nothing. I vaguely recall my manager coming in I made myself sit still for two minutes about 7:15 AM, asking with taut calmness simply focusing on breathing, making if he could help. If I remember correctly, as my head stop sliding around loose on I typed madly at the router console I said my shoulders, and ignoring the loud “Yes. Go away.” ticking of the server room clock. What At 7:28 AM we had an OpenBSD traffic could be done in ninety minutes — shaper between the hosting area and our no, now only eighty-eight? router. All the client applications were I really had one only option. If it didn’t reachable from the Internet. I collapsed work, I would be choosing someone to in my chair and stared blankly at the wall. lay off or filing for unemployment myself. While everything seemed to work, the proof 6:05 AM. I slammed the floppy disk into would be in what happened as our the drive and started downloading the offending site started its daily business. OpenBSD install floppy then grabbed I watched with growing tension as that a spare desktop machine, selecting it from client’s network traffic climbed towards amongst many similar machines by virtue the red line that indicated trouble. The of it being on top of the pile. The next few traffic grew to just short of the danger line minutes I alternated between hitting the — and flatlined. Other clients called, happy

9 that their service was restored to its usual hardware room. The sign on it says “DO quality. (One complained that his site was NOT TOUCH: EMERGENCY USE ONLY.” still slow, but it turned out that bandwidth Should the clock tick down on some other problems had masked a problem with his problem, well, at least I won’t have to spend application.) The offending client complained the thirty minutes it took to install. that their web site was even slower than Michael Lucas lives in a haunted house in before, to which we offered to purchase Detroit, Michigan with his wife Liz, assorted more bandwidth if they’d agree to buy it. rodents, and a multitude of fish. He has Today, I have two new routers and new been a pet wrangler, a librarian, a security DS3s. The racks are clean again, without consultant, and now works as a network extra cables from thrown-together solutions. engineer and systems administrator with The desktop machine has been replaced the Great Lakes Technologies Group. He’s by two OpenBSD boxes in a live-failover the author of Absolute BSD and Absolute configuration, providing protection for our OpenBSD, and is currently preparing a big-name commercial firewall as well as book about NetBSD. shaping traffic. My thrown-together OpenBSD desktop machine is sitting in the corner of the

10 You Haven’t Had E-mail Since When? FreeBSD saves a dot-org, and maybe me, too! by Kevin Kinsey

The phone rang… “Hello, this is members. I didn’t think that was possible Susan*…this may seem strange, but I was in the 21st century. thinking about some problems we’ve been After removing Nimda from a couple of having, and I thought you could help us. machines, I asked about their e-mail. “Oh, Could you come down sometime and take a that hasn’t worked for a while…” Curiously, look at our computers? We’re really strug- I opened a couple of outboxes on their POP gling here.…” clients. The most recent sent items were She went on in some detail about the state from November 2000, ten months past!! of things at her office. I assured her I’d think Inboxes? Same story…. about it, and hung up…like Samuel Morse, Timidly, I asked, “Where’s the server?” thinking “what hath God wrought?” I’d “The server? Hmm, that would be Brenda*’s created an HTML page or two, but I was machine.” no computer genius. I had a computer and I had friends and a smart brother who Brenda was in charge of payroll and worked on them and with them, and that financial and membership records. Her was about it. My training was in a totally computer was a 500 MHz Athlon with 128 unrelated field; although I was currently in MB of RAM. The OS looked a tad different a “career path crisis”, I was neither computer from everyone else’s. Whatever it was, it repairman nor network consultant. didn’t run so well, and there were some obvious reasons. This machine was running The caller was a friend, personal secretary to an “Advanced” version of that same very the pastor of the largest church in a nearby popular OS, and between being infected city; I was on the ministerial staff at the with Nimda and attempting to operating smallest church in the next town up the as a PDC, along with IIS SMTP, and (for road, and as far as she knew, our computers some strange reason) anonymous FTP were always working. (Of course, she didn’t servers, plus Brenda’s browsing (she had know that we never asked them to do been smart enough to get a mail account much.…) at Yahoo!) and the large financial package I went down there; things were a mess. It she used, this machine was taxed past the was September 2001; in addition to frightful limit of its resources. Furthermore, I couldn’t things in the world at large, Code Red and believe that they would spend so much Nimda were ravaging computers globally. money just to run Web and Mail for 12 The machines at Big Church* ran that users. Of course, once I removed the virus “Wonderful” OS (well, it starts with a “W”, I discovered they hadn’t spent quite enough! anyway) and some were infected. Furthermore, There was no POP/IMAP service on this although everyone had high-speed Internet, box, it was not firewalled, and most of the almost no one was using e-mail to commu- services it did offer were badly configured nicate. It was strange; an organization with or not working properly. their own domain name, over a dozen paid I called a friend of mine who worked for a staff members, and a budget of nearly a small ISP. He’d been kind enough to do a million dollars still depended on sticky little open-source evangelism with me, and notes for intra-office communication and had given me a shell account on a virtual spent a lot of phone time just hashing out server that hosted the company’s website. details of upcoming activities with their I’d learned a little about telnet and ftp,

11 knew ls and cd, and could use pico to edit a rather familiar CLI environment. In less text or HTML files. I was certainly no guru. than a day, we had SMTP and POP3 “What is that OS I’ve been talking to on capability inside the building. Then we your web server? Some kind of Linux?” I moved the HTTP service to this little asked. (His kids teethed on little penguin clunker. Now Brenda’s financial app would toys…he had a five-box LAN in his work better because she wasn’t sitting on an house…these days I’d call him an overworked box with no resources. Later we übergeek… ) started in-house DNS to ease the load on the “No, that’s a little more ‘hard-core’. ISP and router. As a bonus, all this was Probably a-BSD. Maybe FreeBSD. Why?” accomplished with free software and hardware that was waiting for the dumpster. Hard-core? (Brief shiver)…I swallowed hard and gave him an overview. He told me I That was almost three years ago. Today, that should do something about the situation church hardly ever calls me with problems, (besides letting this server spew viruses all and when they do, they’re never server- over the place) and that an open-source OS related. I do think I’ve proactively changed like FreeBSD would probably be just the every piece of hardware on that box, as parts thing I needed. “You can read everything have become available, and as their website you need to know on the ‘Net.” So, with has grown way past the size of the original at least a bit of trepidation, I pointed a HDD, but the server still bears the same browser at www..org. “All you need name, and today provides even more services is a pair of freshly formatted floppies and both to the LAN and the outside world. these instructions.…” As for me, I still have that part-time minis- I went home and read up a bit (I grabbed terial position, but also have a growing the entire FreeBSD Handbook in .rtf format.) business in networking, troubleshooting, I printed several pages. I formatted the and web application programming that has floppies and read the instructions. added substantial income to the family budget, and given me some direction for The next day I was back. I found, in an that career path crisis. upstairs closet at Big Church, an old clunker that wasn’t up to modern specs. It booted, This is no testimony of “what FreeBSD and had a rather small HDD, but it didn’t can do for your Fortune 500 shop”. Frankly, clack too much and the fans sounded OK. unless I become a better businessman, I’ll I managed to stick a NIC in it and cable it to never make a killing. But there are lots of their switch. Booting from the floppy, little problems everywhere that people need holding tight to a couple of pages I’d good tools to solve, as well; I found a good printed from the online Handbook, I tool in FreeBSD. clunked away though sysinstall. If I I imagine FreeBSD can offer the same things remember correctly, it took two, maybe to anyone that it offered to me, and even three attempts to navigate the menus much more. But I know that because of its correctly — it was a little different than I stability, excellent documentation, helpful was used to, but the alternative was paying user community, highly versatile design thousands of dollars to someone who didn’t (and of course its cost), FreeBSD was a even care to come and check up on the seminal force in this growth in both my machines they had installed and (appar- life and the life of Big Church. Guess what ently) hadn’t been there for 10 months.… pretty desktop I’m writing this on? To make a long story shorter, once I C’mon, you already know!! navigated the installation menu properly, (*names changed to protect the naive FreeBSD installed itself. I found myself in [except for me])

12 You Haven’t Had E-mail Since When? FreeBSD saves a dot-org, and maybe me, too!, continued

Kevin Kinsey owns DaleCo, S.P. (www.daleco.biz), a small consulting firm located near the equally small town of Jasper, Missouri, where he lives with his wife, children, and one cat. Starting in 2001 with two customers and little experience in the industry (other than hanging around the back room of a local ISP), the company continues to experience slow yet steady growth. Prior to “Y2K”, Kevin had an 11-year career in public education, teaching vocal and instrumental music in 3 Missouri school districts. He claims to have no free time (and therefore no hobbies); one of his life goals is to convert his brother (an NT system admin- istrator) into a vocal FreeBSD advocate.

13 A FreeBSD Success Story (and DragonflyBSD too) by Scott Robbins

When I first came to my company, which were doing, but also saved the company I’ll call Astral (name changed to protect the a good deal of money, we had a little guilty), great changes were underway. The more freedom. company had outsourced IT prior to the One of the first steps was to take some of arrival of my boss and myself. Users, the file sharing off of the NT servers and put running Win9x, could do whatever they them on FreeBSD boxes running Samba. wished with their computers. I spent most This was easy enough and successful. Even of my time in the first few weeks simply using older discarded MS workstations, reinstalling totally borked systems. reinstalled with FreeBSD, freed a great deal Neither my boss nor myself were big of space on the servers. Microsoft fans. Although I have various MS Next, with a bit of trepidation, I began using certs, both he and I preferred various flavors CUPS (sometimes said to stand for Can’t of Unix and its clones. He works in our NJ Usually Print Stuff). However, it went quite warehouse and I was responsible for the well. It was fairly straightforward, allowing NYC side of things. the MS boxes to use their client drivers. Although my *nix experience had begun Our company works in fashion. We must with Linux, at some point FreeBSD became store a great many images of dresses. Again, my O/S of choice. I had wide latitude in space had been an issue, and I migrated what I did on the NYC side, so long as I many of these directories successfully over kept my users happy. So, I began investi- to the BSD boxes. gating what I could move to FreeBSD. At present, future plans involve having two My job can involve anything from helping somewhat more powerful boxes as servers a user put the taskbar back at the bottom (one is already in use as a print and file of the screen to rebuilding a crashed server. server) and having them back up the images We are using an NT4.0 domain, and the to each other using rsync. The file and print servers are aging and having more and serving are both completely transparent to more problems. the users. We will shortly be moving the Additionally, a more than adequate box DHCP server over as well. from four years ago soon becomes outdated. I have a couple of other older, discarded The two gigs of storage space for one of the boxes sitting on our various subnets. (Astral companies on a server was rapidly filling. is actually an umbrella company. Each The half gig of the C: drive was nowhere division has its own showroom and near enough as printing jobs got larger, and production room, all in different buildings users would receive error messages about on different floors). These are very handy there not being enough disk space to when I have to reinstall a user’s machine complete a print job. or transfer their files when I upgrade a Due to the nature of the business and computer. Our network is old, and transfers financial constraints (one of my mentors are far faster when copying between two once said that the top two OSI layers are machines on the same subnet. politics and money) we often had to use For a very small time investment, we have a band-aid approach. However, as things found FreeBSD has saved us a great deal became a bit calmer and people saw that of money and time. I have even been a bit we not only knew (more or less) what we

14 A FreeBSD Success Story (and DragonflyBSD too), continued daring, running 5.2.1 with no problems Enter DragonFlyBSD-1.0A_REL live CD. whatsoever on some not at all mission critical I used it to boot his laptop (a moderately servers. I’m able to indulge myself enough to new Toshiba Satellite) without problem. have my own personal workstation running DragonFly had no trouble detecting the FBSD 5.2.1, and only have to turn on an MS builtin ethernet, and using dhclient brought box to walk a user through something or to me onto the network. I was then able to test our one particular custom application. mount his C: drive with mount_ntfs and Having heard some interesting things about from there, was easily able to copy his DragonFlyBSD, I have been playing with it important documents and outlook.pst file on a few test boxes. As each release was a over to one of our FreeBSD samba servers. small download and quick burn, I simply From there, it was a simple matter to use the put the latest one on CD as it’s released. machine’s recovery CD, reinstall the O/S, and I’m still just playing with DragonFly and replace his files from the samba box. had no plans to use it in a production While this isn’t anything amazing, I did find environment at this point. It’s more of a new it nice that I’d already put DragonFly into toy than anything else. I like it, but am still production use, in a manner of speaking. a bit unfamiliar with it, and run into often Scott Robbins is a Junior systems/network amusing problems, such as installing it with adminstrator for a mid-size Manhattan the defaults, then following the README’s fashion company. Although Microsoft instructions for updating without realizing certified, he far prefers working with Unix, that my /home partition (where it’s putting and desperately hopes to find a job as a source) is only a few hundred megabytes. Junior Unix Adminstrator. His web pages, However, its live CD came in handy recently. with clear (though sometimes mistaken) Like many sys/net admins in an explanations of various aspects of *nix: environment where most users are running at home.nyc.rr.com/computertaijutsu MS, we have our problems with spyware, viruses and the like. A partner had opened an ecard from his daughter, clicked on something, and was suddenly deluged with popups. At times, such problems have been cured by installing the latest MS service packs, so that’s what we tried to do. Upon downloading and installing the first set of critical updates, his computer failed to boot. Ok, we’ll boot it in safe mode and remove the update. No good. It would power up, then restart. Trying safe mode with command prompt also brought no joy. It seemed as if he might lose all files on the computer.

15 BSD In a Microsoft Office by Joe Warner

After being introduced to the FreeBSD work, since, like most of us in this day back in March of 2000, I and age, this is where I spend the bulk was so amazed with it that I wanted to find of my time. a way to use it in the office where I work. As luck would have it, I was able to locate Two years before that, I had gotten my feet an older Compaq Deskpro pc that wasn’t wet with Linux, mostly tinkering with being used. It was a 200 MHz machine Caldera and Red Hat. I was impressed with with 64megs of RAM and a 4 gig hard Linux as well. So much so, that I joined a drive. It turned out to be the perfect choice. local Linux Users Group (www.sllug.org). It FreeBSD 3.4 installed easily on it, using the was during one of our user group meetings entire amount of space on the hard disk. that I was introduced to FreeBSD. During During the install process, I was given the the meeting, CDROM sets of FreeBSD 3.4 choice of either manually creating the were handed out and I was lucky enough necessary partitions or selecting ‘A’ and to get one! letting FreeBSD do it automatically. Since The very next day, I installed FreeBSD on I had only installed FreeBSD once before, an old pc at home and was immediately I decided to let FreeBSD do the dirty work. amazed. The overall configuration and Before I knew it, I had a powerful, stable layout of FreeBSD, from the installation and functional operating system at my choices to the directory and file structure, fingertips! were in a really logical order. Everything After spending a week or two of explo- about it just seemed to make more sense. ration, I discovered that the famous and One of the things I was most impressed powerful Apache web server was already with was how easy it was to install applica- running! I stumbled into this when I tions from the vast ports collection. I also pointed the web browser on another liked how FreeBSD gives you the choice of workstation to the IP address I had given which applications you want as part of the my FreeBSD system. I was immediately base install. Some OSes seem to include a overwhelmed with excitement and fasci- lot of applications during the install process nation when I saw the Apache welcome that you may or may not have interest in screen. This discovery spawned a great using. This can be especially troublesome idea. Previously, our office had never if you have an old pc with a small hard implemented the creation of a local drive. I like the idea of installing just the intranet. I knew that the use of corporate core operating system and then having the intranets were wide spread and anticipated choice of going back and installing what the need for such a useful source of help I want. I mean, who really needs fifteen and information in our office. different text editors, when two or three I immediately set to work, creating web will do? pages with the use of Netscape Composer, After tinkering with FreeBSD at home for a that contained helpful information that our while, amidst all the noise and distractions users could draw upon when they needed that go with a family setting, I decided to it. I was amazed at how fast it was to access see if I could install it on an unused pc at these pages through a web browser, rather work. The logic being that I would have the than accessing the same information locally, chance to learn more about BSD/UNIX at from a file server or email database. This

16 BSD In a Microsoft Office, continued was especially apparent while dialed into A few months after we moved into our new our network remotely. building, one of my managers voiced the A few months after I put FreeBSD/Apache need for some kind of network monitoring to work, news came from upper management software or tool that we could employ to that there was an interest in employing the monitor the health of our network and use of intranets at all the remote field offices. identify problems. He was considering Other web servers and content soon sprang the purchase of an expensive, hand held forth and now we have a fully functioning monitoring tool that would cost thousands intranet in place and more and more of our of dollars. I told him that I probably already employees are showing interest and becoming had some kind of network analysis software involved. We have more than a few employees on my FreeBSD machine and asked him to now who are acting as content publishers and give me a little time to find out. I also told are creating and maintaining sections of our him that if I was able to find something that intranet themselves. There are also more than would do what we wanted, we could save a few employees and co-workers who are now our office and the company a lot of money. interested in the BSDs and wish to learn more. He agreed and I was soon searching the The Apache web server (http://www.apache.org) ports collection on my FreeBSD machine was a great find, but it was hardly the end for just such a utility. of many discoveries I would make and ideas It didn’t take me long to discover that I I would come up with. After more reading, already had access to powerful network research and tinkering, I had an FTP server analysis utilities like The Ethereal Network running and after a few days, had a Samba Analyzer (www.ethereal.com) and Snort server (http://www.samba.org) running as (www.snort.org). well. This proved to be invaluable, since I decided to start with The Ethereal Network now, I can create web pages from any Analyzer because it was the most GUI of the workstation on our network and copy utilities that I had found and was a more them directly to the web directory on tangible and suitable way to present my FreeBSD system! network analysis information. Most of my Acceptance and interest in the various managers and co-workers use Windows NT BSD Operating Systems, and what they are and have never had exposure to UNIX capable of, was growing. Not only were co- terminal screens or UNIX shell access, much workers in my department taking notice, less the BSDs or even Linux. but my managers as well. Just the cost During my first attempt at using Ethereal to saving factors alone that come with the use monitor our network, I was able to immedi- of BSD, and other Open Source operating ately identify a problem and report it so that systems and applications, are hard not to corrective action could be taken. I noticed take notice of. that one of our Lotus Notes Domino Our division had recently moved to a brand Servers, running on the IBM iSeries new building in an industrial section of our platform, was sending out a barrage of city. The building was constructed from the network announcements. I immediately ground up with our business needs in mind. went to our Lotus Notes Administrator and Everything in the building has a spacious asked if he was aware of any problems. He and contemporary look and feel, including said he hadn’t heard of any and just when I a state of the art data center that can be was about to leave, one of our employees seen through large glass windows from one that was engaged in development on the of the main hallways. Our network is fast, server came in and said that she was unable at 100 megabits. to log on. It turned out that the problem

17 was with the TCP/IP configuration and was When I first started using FreeBSD, I was soon corrected. so amazed and taken with it that I could Right away, my managers could see that be heard preaching the BSD gospel almost this was a useful and powerful utility to every day. Keep in mind that most people have in place and I still receive requests all will continue to use whichever operating the time to identify possible problems and system or application they are comfortable collect information on individual nodes with. Don’t be such an advocate that people on our network. become afraid to even mention the words Recently, I and other members of our “FreeBSD”,”NetBSD”, “OpenBSD” or “BSD” department had reason to believe that an around you. Remember, the louder you are, intruder was trying to gain direct access to one the harder it can be to hear you. The phrase, of the nodes on our network via telnet or by “Action speaks louder than words”, certainly using a port sniffer. I used Snort to effectively applies here. Quietly learn about the BSDs, capture packet information from this node. how to use them, and offer the amazing demonstration when the opportunity After monitoring the suspicious activity for presents itself. Soon, that old pc running a couple of weeks, it was determined that the one of the BSDs will be the honey that attempts were coming from a node with an attracts the bees! invalid IP configuration and not an intruder. Joe Warner is a Technical Analyst for When I first had the idea of finding ways Siemens Medical Solutions Health Services to use Open Source operating systems and Corporation and has been using FreeBSD software at work, I thought I’d have a very as a server and desktop since October of difficult time doing this, since our office has 2000. Joe has lived in Salt Lake City, Utah been a Microsoft/IBM shop for years and for most of his life and enjoys *BSD, these platforms and associated software computing, history, and The Matrix. are what our employees are used to using. I never intended to recommend the Excerpted from Daemon News: BSD in replacement of these platforms in favor a Microsoft Office of the BSDs or Linux but rather to employ www.daemonnews.org/200103/adventure.html and integrate the use of these platforms in a more cost effective and productive way. For those of you who are considering employing the use of FreeBSD, NetBSD, OpenBSD or BSD/OS in your office or company, I would recommend that you install it on an available pc. Explore the huge number of applications, (currently over 10,500) in the ports collection and the many uses these powerful and unique operating systems have to offer. Start with things that are tangible and easy to see the benefits of and understand.

18 Museum Guardian by John Richard

I was contracted to analyze and improve a I created an IPSEC tunnel to my home network for a non-profit museum after they systems using open source software from had received a small government grant for the FreeBSD ports collection, and was able IT. As most people are aware, most non- to securely administer the network from profit organizations are usually non-profit the comfort of home, when needed, by by function rather than by design, therefore installing Samba, also from the ports the budget was minimal to non-existent. collection, on the FreeBSD box. After getting the lay of the LAN, I found The little sentry functioned flawlessly and very serious security problems, caused by a has continued to do so. My only concern complete lack of knowledge and experience was that one of the volunteer janitorial staff with IT at this organization. would throw out the machine due to its In my report to the manager, I pointed out appearance. The server closet was just that, that having a MS server with no firewall, a closet, and with the ugly little box being connected to an “always on” broadband mounted on what appeared to be a milking internet connection was a bit risky to say stool, it did not come across as impressive the least. Having thousands of credit card to the untrained eye, even though it was numbers in a completely open shared folder the guardian for the museum. A large sign, fell under the “very bad thing” category. complete with skull and crossbones reading After explaining the risks of openly available “FIREWALL. Do Not Touch on Pain of shopping on the museums dime, smelling Death” fixed that problem. salts were used to revive her. Without the free availability, functionality, I explained that at a minimum, the first and stability of FreeBSD, a costly alternate thing required was a rock solid firewall. solution would have been required, “That sounds very expensive. We can’t possibly causing the cancellation of afford something like that now” she said. wine and cheese parties. “Give me a day and it will be in place” FreeBSD saved the day. I told her. Incidentally, the credit card numbers were I had found an old but functioning Pentium immediately secured. 166 box on the premises, not being used. John Richard, commonly known as JR, now “What will this cost?” works for an ISP in the Kingston Ontario “Nothing” I told her. area, attempting to remove the speedbumps A new FreeBSD disciple was instantly born. from the information highway. When not An additional NIC that I had found in the driving his wife and kids up the wall with PC parts graveyard (museums never throw geek-speak, he is usually riding his Harley, things out) was installed and FreeBSD was or fixing something for someone. easily installed on the old machine. With a quick kernel rebuild, a few setting changes, and an ipfilter rulebase that I don’t leave home without, the museum had a free, solid firewall. I also made the FreeBSD box the internal DNS, and DHCP server, as the existing unit went down more often than the stock market.

19 OpenBSD Saves the Day by Jan Peterson

My company had recently been acquired. I bought a couple of HP Pavilion desktop We were a small software development computers (no monitors, keyboards, or company and had been using CVS for our mice) for about $800 ($400 each) and source code management. Our new parent headed back to the office. In a matter of a company was larger, with an existing web few hours, I had OpenBSD installed on both presence that they intended to integrate machines and was playing with the IPSEC our catalog system into. They were using configurations. One quick phone call later Perforce for their source code management, and FEDEX was on it’s way to pick up a box and mandated that we hook into their containing one configured HP Pavilion. One system (i.e., the repository would be located day in transit and the box was in San Diego. at their site, in San Diego, and we would I got a call from the parent company’s have to check files and work spaces in and network guy the next day. He had received out over the WAN from our offices in Salt the machine and set it up right under his Lake City). desk (where he could keep an eye on it). Since we already had a T-1, it was deemed With another hour or two of fiddling with overly expensive to put in a point-to-point configurations to get both endpoints talking link. It was decided that a VPN was the best to each other, and getting each internal solution. The new company’s IT/Networking network routing the appropriate subnets team was convinced that putting a Cisco to each other, we were able to bring up the PIX in place at our office was the best IPSEC link and our developers were able to solution (they were a Cisco shop and check their stuff into Perforce on the other already had PIXes for their own firewall). end of the link. They immediately started looking at Mission accomplished, thanks to OpenBSD! different PIX models and Cisco’s VPN We had an IPSEC tunnel in place using technologies, with an eye towards being 3DES and automatic key exchange. able to ship us a configured unit we could The company did end up dropping $30k just drop in place (replacing our existing on a PIX for our location, and ultimately FreeBSD based firewall at the same time). brought up a “supported” VPN connection. Their estimate on a time frame was four to It only used single DES (the 3DES option on six weeks. the PIX was “too expensive”), relied on static My developers were anxious to get working keys, and took six weeks to implement, but in the new source management system as obviously it was superior because it cost a soon as possible (with pressure coming from lot of money. The OpenBSD boxes were their new bosses who had mandated that we retired and I believe they ended up as cut over within two weeks). They turned to home workstations for internal developers. me to find an interim solution that we could Personally, I would have stuck with the get running in a hurry. I immediately OpenBSD solution. It was fast, cheap, and suggested an OpenBSD solution using the it worked. Normally, you only get to pick IPSEC functionality that was built in to the two of those! OS (this was around the time of OpenBSD Jan L. Peterson is a professional system 2.7). I got approval from my management, administrator with 16 years of experience grabbed my corporate AMEX, and headed working with multiple Unix versions (and down to CompUSA. the occasional Windows machine). Laid off

20 OpenBSD Saves the Day, continued

from his last job when the company was acquired by a direct competitor, he has spent the last couple of years as a consultant. More about Jan can be found at http://www.peterson.ath.cx/~jlp/.

21 A FreeBSD Implementation by Travis Stevenson

A bit of history, I’ve been using FreeBSD transfer patches and updates to customers since 2.0 got released. I started on my quest sites. I transfered from my job to a R&D of all things BSD when I was working for one from a comment that I made about Clark Development (PCBoard BBS Software) Linux, I told them it was terrible. They then in 1994. I worked in sales and software asked me what I prefer, I said ‘FreeBSD’; duplication. When the development team this surprised them and after a few days started talking about TCP/IP, I wanted to they asked me if I would like to join the learn what it was. I jumped on Aol and team. starting searching for TCP/IP. I found a lot Even though the product line ran on AIX of entries for UNIX but nothing that could and SCO, they were very much into help me and then I typed in the magical Windows and wanted all of us to be words ‘TCP/IP unix pc’ and I found Linux. MCSE’s. Which we became. Fortunately, I spent the next few days downloading 17 our IT department was very much into floppies of Slackware and installed it. It was Linux and open source. Unfortunately, very exciting. The first thing I noticed was the company wouldn’t let us use it. So we the lack of trumpet winsock, I was so niave. slipped it in where we needed it. I was I couldn’t figure out how to get on the the only FreeBSD user in the department, Internet. I jumped back into Win3.1 and everyone else favored Linux so I got voted learned how to connect to the Internet. out pretty quickly. I learned a lot things This went well, but I wasn’t happy. about SCO and AIX during this time and Linux worked but I thought there was plenty on how windows should work. more. It crashed a couple of times and I was The success: unhappy with the response of the system 5 years ago I was working for a small school when I went to untar packages. Then I went district in Wyoming when I got a job for a back to Aol, started searching for more pc major convienent store chain in the inter- based unix’s and the next thing I found mountain west. They just got connected to was FreeBSD. I went to Walnut Creek the Internet and had implemented Linux and learned all I could about FreeBSD. This on the firewall. Since I had a lot of great was a very exciting time. I decided that I opportunities to learn the tools needed to needed to purchase the cd’s this time. I then create a firewall, I stripped it out in the first spent many days and nights learning about week and changed it to FreeBSD 4.3. The this operating system. Testing my knowledge, company was a big AS400 shop and had breaking things that I couldn’t fix and then started on a couple of projects that would trying again. I also starting learning about have utilized Windows gateway products to a lot of opensource software that was connect to the AS400. I balked at this and available and started to implement them. said that this could be done with FreeBSD. This was a very knowledgable time for IBM had released Linux odbc drivers for the me and put me on my start of a profession AS400 that spring and I had attempted to that I didn’t believe was available for me make it work. Unfortunately I didn’t have at that time. the patience to get apache/php/AS400 odbc Jump 3 years. I started working for a working in Linux emulation so I gave in company that developed software for the and installed Red Hat. But I wasn’t about lumber industry. I was originally hired to to install Linux on the servers that faced

22 A FreeBSD Implementation, continued the Internet so I created a proxy that would and ftp/http server for freebusy schedules— handle all the requests and send them back all running on FreeBSD with the services to the web servers. built around LDAP. It was immediately During this time we had implemented all approved. We rolled this out in three the firewalls, vpn’s and web servers on weeks with great success. FreeBSD. The CTO had wanted to implement Since then the success of this has helped in these in a span of year. I had accomplished the creation of a very structured and stable this in months. The usability of FreeBSD network where we have authentication on our network was set. Then two things servers, file servers and processing servers, happened that pushed the usage of FreeBSD email servers and database servers all running from the perimeter to internal processing on FreeBSD. We still have Windows servers and both were related to Microsoft. for Microsoft-only solutions that we can’t One of which was running NT4 to handle remove and we also have Linux servers. But the extraction of flat files databases. This even those Windows servers have to authen- server would cause us a lot of grief in the ticate against our FreeBSD servers. middle of processing data. Under heavy 2002 was a difficult year for conveniant loads, the server would stop responding stores as people traveled less. We felt it and we would have to reboot. The stores financially as I’m sure other companies had. that were connected would have to be During this time we were able to increase notified that they would need to resend. the services of our network infrastructure This was time consuming and very inter- at only the cost of hardware. This has been ruptive. I then researched perl’s capabilities shown as a great value to our company and of extracting dbase files and created a will continue to have a place on our network. solution that allowed the stores to submit For all of the network services that we information to the FreeBSD server where it provide, we picked FreeBSD for the security, would extract the information and submit stability, ease of OS upgrades and the amount it to our financial system. This solution was of software that can run on it. With the golden: the uptimes of the servers went to ports tree available it has proven to be an months and we didn’t have to tell the stores unbeatable solution. to resubmit. Since the beginning we have Travis Stevenson is the manager of the turned this scenario into a a very powerful network infrastructure at Maverik Country and scalable mechanism for submitting Stores in Afton, Wyoming. Over the last 8 and prepping information. We also incor- years he has administered UNIX and UNIX- porated perl’s XML support to process based systems and Windows administration. Openoffice spreadsheets that get sent He currently acts as chief network engineer through this mechanism. All of this is and security architect and is a die hard running on FreeBSD. FreeBSD user. We had a typcial Microsoft Domain, PDC, BDC and two Exchange servers. I had started to look into Samba-TNG as a domain controller solution. It was received well but it was viewed as being unnecessary. Then came Microsoft licensing 6.0. We did an audit on our licensing and found that we were short. We decided that we needed to look at alternatives. Our solutions were Samba-TNG, LDAP, Cyrus, IMAP, Postfix

23 Open Source Software in Co-operation Ireland by Mike Doyle

I am the Network Administrator for a charity hard disk, was Squid, a web proxy server that employs roughly 60 staff spread over package. This allowed me to let all the staff 4 offices in various parts of Ireland, (Dublin, in our Dublin and Belfast offices (which Belfast, Armagh and Cork) and also has a were connected by ISDN routers) to share fundraising office in New York. While all the outbound Internet connection to view of our end-user computers are PCs running external web pages. various versions of Microsoft Windows, we Multi-user Databases over a WAN make considerable use of Open Source software on our servers. Co-operation Ireland had a database that, when I joined the company, was imple- Our First Experience: email mented in Microsoft Access, and was The first project that introduced Open replicated between the offices in Dublin Source software into Co-operation Ireland and Belfast using scripts to merge changes was setting up a server to serve email to all between the two copies. This was far from staff. We did this towards the end of 1997— an ideal solution, and sometimes the repli- prior to this only two members of staff in cation procedure lost information. the entire organisation had email access, and I was tasked with finding a solution to introducing email for all members of staff this problem, and the solution I came up was the first “major” project I undertook as with used some of the software already Network Administrator. I evaluated several described (Apache), and two more open commercial mail server applications for source packages: the PHP scripting Windows NT, and decided that they were language and the PostgreSQL database all prohibitively expensive given my budget, software. Using these tools, I was able to and our ISP recommended that I look at re-implement the database application so FreeBSD. So, I installed FreeBSD 2.2.5 on that there was a single database server, a spare computer that was available (it had and all the users connected to it using a Pentium 90 processor, 32 MB RAM, and web-browsers on their desktops. Perl is 1 GB hard disk space). We used (and still also used for some coding tasks (for use) Sendmail as the MTA, and Qpopper as example importing/exporting data to the POP3 server software. This enabled me the databases). to give each and every member of staff email File servers for branch offices without spending large amounts of money. Our branch office in Armagh was too small Expanding our use of Open Source for the budget to supply a file server. For a Software long time the two or three staff members in In 1998 I added two extra packages to the Armagh (or Monaghan originally) kept their mail server. The first was Apache, which files on their own hard disks. A couple of allowed us to have an internal website. This years ago, I built a server for this office has been a very useful tool as that allows us (again using a PC that was too old for to store reference documents that all staff desktop use) using Samba to provide file members need access to in a central location. and print sharing. This server also used The second application installed on the one of the two firewalls that comes as part server, which in time provoked the eventual of FreeBSD to allow all the staff in Armagh upgrade to a server with a larger (2 GB) to share an Internet connection. Once again,

24 Open Source Software in Co-operation Ireland, continued

all of the software installed on the server news and events sections of the website in Armagh was installed using the FreeBSD up to date. (The discussion forum software ports system. is phpBB). Web Calendar Factors influencing choice of software Another project implemented using Open In some cases (e.g. using Samba for file Source software has been the roll-out of a serving) there is simply a choice of the web-calendar for all members of staff. Again, commercial software and one Open Source we are using a package called SWebCal to alternative. In other cases (for example implement, free of charge, a feature that is selecting PostgreSQL as the database server) offered as part of commercial groupware there are other choices available. In these applications. (It is offered, in addition to cases ease of installation, quality of on-line email, as part of both Lotus Notes and documentation, and even the recommenda- Microsoft Exchange, either of which would tions of other users on the FreeBSD mailing cost a large amount of money for an organi- lists have helped me to make up my mind sation our size.) about what to use. I originally selected The arrival of DSL, and the PostgreSQL over MySQL after evaluating them because the HTML documentation implementation of a VPN for PostgreSQL was better structured. Even In 2002, DSL became available in Dublin, now almost 5 years later, I still feel that the and in 2003 it became available in Armagh. biggest differentiating factor between these We moved from having a leased line two products is the quality of the documen- between our Dublin and Belfast offices to tation! My choice of FreeBSD over Linux having a VPN over DSL between these two was originally based on the recommendation offices. When we were able to connect the of an outside “expert”, but I have since used Armagh office using DSL, we were able to SuSE and RedHat Linux for various tasks extend the VPN to include this site as well. and always come back to FreeBSD as my Once again, the software (Racoon for key preferred platform given a choice. exchange and IPSec for the encrypted As the Network Administrator for a charity, network connections) was distributed along cost has always been a factor influencing with FreeBSD. (By this stage, when I rolled my decisions, however the tool (hardware out the VPN to Armagh, FreeBSD had or software) has to actually “get the job reached version 4.7. It is currently on done”, and to do so without wasting my version 4.10). time, or demanding too much of my users Again, Co-operation Ireland have been able who are not prepared to learn to use Unix to use otherwise obsolete equipment and free themselves. We still use commercial software to implement a solution that would software for many tasks. It would be hard have cost a large amount of money to build to quantify an exact cost saving that has using off-the-shelf commercial tools. been made, since certain of the tasks that Public Website I use Open Source software to accomplish would have been ignored or cancelled if Our external website is hosted on a server they could not have been carried out at such located at our ISP. This server uses Red Hat a low cost, while others would have been Linux (since that is supported by the ISP), regarded as critical enough that they would PostgreSQL, Perl and PHP to provide a have been implemented some other way. dynamic website that includes a discussion The primary advantage of Open Source forum for a school project, and an in-house software is the cost. The second advantage content management system to keep the is that most of this software is documented

25 extremely well, and this documentation is Source software has been the speed and available on-line and easy to find. While quality of responses to requests for help the quality of the documentation varies, I posted to the various mailing lists. have found the on-line documentation for (Commercial software usually requires FreeBSD itself, and for PHP and PostgreSQL expensive maintenance contracts to be taken to be of exceptional quality. Samba, Apache out for technical support.) Michael Doyle and Perl all have very good online resources graduated from University College Dublin to help an administrator to accomplish any with a B.Sc. in computer science in 1993. necessary task, but I personally found For the past seven years, he has been the navigating these documents to be a little Network Administrator for Co-operation slower. To be fair though, much commercial Ireland, a charity involved in the peace- software comes with downright unhelpful process in Northern Ireland. He lives in online help, and so in every case where I am Dublin, Ireland with his wife and infant using Open Source software, the quality of daughter. In his spare time (not that he the documentation has also been a bonus. has much these days) he plays the guitar Another added factor for selecting Open and sometimes writes music.

26 BSD Resources

The FreeBSD Project freebsd.org

The OpenBSD Project openbsd.org

The NetBSD Project netbsd.org

BSD DevCenter. onlamp.com/bsd

DaemonNews daemonnews.org

BSD Newsletter bsdnewsletter.com

Putting BSD to work for you bsdatwork.com

BSD Resources bsd.reedmedia.net

BSD Forum bsdvault.net

27